European Companies Search Engine
Privacy Policy
Stored and displayed data (register data)
The economic information (register data) presented on North Data is based on the mandatory publications of European companies from sources such as the commercial register, insolvency register and Federal Gazette (see sources). Detailed information on the subject of register data and data protection, blocking and corrections can be found in our information sheet on register data on North Data (PDF format).
Personal data processing of users of this website
We process personal user data only to the vital extent of a functional website, our content and our services. We limit ourselves to the typical minimum of a commercial website, i.e. the use of a statistical tool (see section tracking) and advertising (see cookies section). The personal data processed as part of this online service includes:
- Inventory data (e.g. names and addresses of customers),
- contact details,
- communication data,
- contract data (e.g. services used, payment information),
- usage data and
- Meta/communication data (e.g. device information, IP addresses).
The following persons are affected by data processing:
- Contractual and business partners,
- users of our online service
- third parties who are interested in our online service or who contact us for other reasons and
- customers.
The processing of the resulting data can largely be prevented by your browsers settings.
Communication
We exclusively use secure protocols such as HTTPS to provide our services. Our website received a grade of “A+” in SSL-Labs’ SSL server test. In this respect, we have taken sufficient organizational measures within the meaning of Art. 32 GDPR, which correspond to the state of the art, taking into account the implementation costs and the type, scope, circumstances and purposes of data processing as well as the different probabilities of occurrence and severity of the risk for the rights and liberties to ensure a sufficient level of protection for your data.
Disclosure of data to third parties and third parties
Data will only be passed on to third parties in conformity with legal requirements. We only pass user data on to third parties if it is necessary for contractual purposes based on Art. 6(1)(b) GDPR or based on legitimate interests in accordance with Art. 6(1)(f) GDPR on the economical and effective operation of our business operations.
We only use subcontractors to provide our services if we have taken appropriate legal precautions as well as appropriate technical and organizational measures to ensure the protection of the personal data processed in accordance with the relevant legal regulations.
If the content, tools or other means described in this privacy policy are used by other providers (hereinafter collectively referred to as “third-party providers”), we observe the legal requirements and in particular conclude corresponding contracts or agreements that serve to protect your data. The recipients of this data may include, for example, payment institutions in the context of payment transactions, service providers commissioned with IT tasks or providers of services and content that are integrated into a webpage.
If we use a third-party provider whose registered office is in a third country (outside the European Union (EU) or the European Economic Area), it can be assumed that data will be transferred to the third-party provider's home country. Data will only be transferred to third countries if there is an appropriate level of data protection, user consent or other legal permission.
Provision of contractual services
We process inventory data (e.g. names and addresses as well as contact details of users), contract data (e.g. services used, names of contact persons, payment information) in order to fulfill our contractual obligations and services in accordance with Art. 6(1)(b) GDPR. We inform the contractual partners what data is required for the aforementioned purposes before or as part of data collection, in online forms, through special marking, such as the use of asterisks, or by personal message. Within the scope of applicable law, we only pass this data on to third parties to a necessary extent either for the aforementioned purposes or to fulfill legal obligations or with your consent.
We delete the data after statutory warranty and comparable obligations have expired, i.e. generally after 4 years, unless the data is stored in a customer account. In this case, for commercial or tax law reasons, we are generally obliged to archive this data for a longer period on the basis of Article 6(1)(c) GDPR, usually 10 years. We delete data that was disclosed to us by the contractual partner as part of a contractual relationship in accordance with the requirements of the contract, generally after the contractual services have been fulfilled.
Users can optionally create a user account where they can view their contractual relationship. As part of registration, the required mandatory information is communicated to users. User accounts are not public and cannot be indexed by search engines. If users have terminated their user account, their data will be deleted with regard to the user account, unless their retention is necessary for commercial or tax reasons. It is the users' responsibility to back up their data before the end of the contract if the contract is terminated. We are entitled to irretrievably delete all user data stored during the term of the contract.
As part of registration and re-registration as well as use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests (Art. 6(1)(f) GDPR), as well as the user's protection against misuse and other unauthorized use. This data will generally not be passed on to third parties unless it is necessary to pursue our claims or there is a legal obligation to do so in accordance with Art. 6(1)(c) GDPR.
As a rule, we cannot track web pages visited or search queries made.
Cookies
Cookies are text files that are stored on the user's computer and enable the use of the website to be analyzed. Cookies are stored on the user's computer and transmitted from the user to our site. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.
In addition to tracking and advertising (see corresponding sections), we only use cookies for unregistered users to remember which advertising messages the user has hidden so that the corresponding messages are not displayed again. Our systems do not store or evaluate these cookies any further. For registered users, we store the login information and personal settings in cookies. There are currently no personal settings, but this may be the case in the future.
We also use cookies for banner advertising on our site. You can view a list of the different cookies and their purposes by clicking on this link.
The legal basis for the processing of personal data using cookies is Article 6 (1) (f) GDPR.
IP address and tracking
Every access to this website is logged. Storage serves internal system-related and statistical purposes and to maintain data security. The information that your browser transmits to us is collected and stored. These are: browser type/version, operating system used, referrer URL (the previously visited page), host name of the accessing computer (IP address), time of the server request. Due to the mandatory technical implementation, the provider where we host our website also gains knowledge of this information. Our websites’ frontend is hosted at Google LLC 1600 Amphitheater Parkway Mountain View, USA. We have concluded a data processing agreement with Google LLC in accordance with Art. 28 GDPR, which ensures that the data is only processed on our behalf and for us. In this respect, it is excluded that the data is used by Google LLC itself or is merged with other data in the Google group. Due to the foreign connection to a third country, we have concluded additional standard contractual clauses in order to meet the legal requirements according to Art. 44 ff. GDPR.
The user data collected in this way is pseudonymized using technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the users. The IP address is anonymized by redacting the last digits and cannot be assigned to specific people.
As with almost all websites, the evaluation is carried out in the aggregated form of standard website statistics programs. We currently use the statistics tool Clicky (clicky.com). You can stop the logging of your views at any time using this link: Clicky Opt Out.
Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online service within the meaning of Art. 6(1)(f) GDPR), we use Clicky, a web analysis service from Roxr Software Ltd, 10883 SE Main St #201 , Milwaukie, USA (“Roxr”). Roxr uses cookies. The information generated by the cookie about users' use of the online service is usually transferred to a Roxr server in the United States and stored there for 18 months after the last digits of the assignment ID have been removed. Roxr will process this information exclusively on our behalf to evaluate the use of our online service and to compile reports on the activities within our online services. Pseudonymous user profiles can be created from the processed data. We only use Clicky with IP anonymization activated. This means that the user's IP address is shortened by Roxr within the Area of the European Union or the European Economic Area. The purpose and scope of data collection and the further processing and use of the data by Clicky can be found in the Roxr privacy policy and the data processing agreement. We have concluded a standard contractual clause with Roxr in order to be able to take into account the appropriate level of data protection despite the reference to third countries in accordance with Art. 44 GDPR.
Social Plugins
We do not use Social Plugins on this website (e.g. from Facebook, Twitter, etc.).
Bestellungen und Abrechnung
When registering for the North Data Premium Service, customer data is requested that is necessary or helpful for providing the service, billing and accounting (in which case the information is voluntary).
We use the following external systems for billing: Billwerk Mainzer Landstraße 51, 60329 Frankfurt am Main (for the North Data Premium Services) ) and Billomat GmbH & Co. KG, Lorenzer Straße 31, 90402 Nürnberg (for all other products). Your customer data is stored in these systems.
Integration of third-party services and content
Within our online service, based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online service within the meaning of Art. 6(1)(f) GDPR) or based on your consent (Art. 6(1)(a) GDPR), we use content or services from third parties in order to integrate their content and services, such as videos or fonts (hereinafter referred to as “content”). This is used to provide our online service and to make our online service user-friendly. This always requires the third party providers of this content to be aware of the user's IP address, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content. We make an effort to solely use content providers that only use the IP address to deliver the content.
The following presentation provides an overview of third-party providers and their content, along with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, objection options (so-called opt-out):
- External fonts from Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland., https://www.google.com/fonts (“Google Fonts”). The integration of Google Fonts occurs through a server call at Google LLC (usually in the USA). We have agreed a contract with Google in accordance with Art. 28 GDPR and concluded the standard contractual clauses. Data protection declaration: https://www.google.com/policies/privacy/, opt-out: https://www.google.com/settings/ads/.
- We can also use the “Google Tag Manager”. This service allows website tags to be managed via an interface. This means that cookies are no longer used. The Google Tool Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains in effect for all tracking tags if they are implemented with the Google Tag Manager.
Contact
The person responsible within the meaning of the GDPR is:
North Data GmbH
Hermannstraße 22, 20095 Hamburg
Email: info@northdata.com
Responsible: Frank Felix Debatin
Please understand that we cannot accept requests to protect personal data by telephone, as we have no way of checking the legitimacy of the request.
For information on data protection, please contact:
Email: privacy@northdata.com where you can reach our data protection officer.
Rights of those affected according to GDPR
If your personal data is processed, you are the data subject within the meaning of the GDPR and you have the following rights towards the responsible person:
1. Right to information
You can request confirmation from the person responsible as to whether personal data concerning you is being processed by us.
If that is the case, you can request information from the person responsible about the following information:
(1) the purpose of the personal data that is being processed;
(2) the categories of personal data that is being processed;
(3) the recipients or categories of recipients to whom your personal data has been or will be disclosed;
(4) the planned duration of storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
(5) the right to rectification or deletion of personal data concerning you, a right to restrict processing by the controller or a right to object to this processing;
(6) the right to lodge a complaint with a supervisory authority;
(7) all available information about the origin of the data if the personal data is not collected from the data subject;
(8) the existence of automated decision-making including profiling in accordance with Article 22 Paragraphs 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved as well as the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you will be transferred to a third country or to an international organization. In this context, you can request to be informed about the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.
When processing data for scientific, historical or statistical research purposes:
This right to information may be limited to the extent of being likely to make the realization of the research or statistical purposes impossible or seriously impair it and the restriction is necessary for the fulfillment of the research or statistical purposes.
2. Right to rectification
You have the right to request correction and/or completion from the person responsible if the personal data processed concerning you is incorrect or incomplete. The person responsible must make the correction promptly.
When processing data for scientific, historical or statistical research purposes:
Your right to rectification may be limited to the extent of being likely to make impossible or seriously impair the achievement of the research or statistical purposes and the restriction is necessary for the fulfillment of the research or statistical purposes.
3. Right to restriction of processing
You can request the restriction of the processing of personal data concerning you under the following conditions:
(1) if you contest the accuracy of the personal data relating to you for a period enabling the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you refuse the deletion of the personal data and instead request the restriction of the use of the personal data;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have lodged an objection to the processing in accordance with Art. 21(1) GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh your reasons.
If the processing of personal data concerning you has been restricted, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
If the restriction on processing has been restricted in accordance with the conditions mentioned above, you will be informed by the person responsible before the restriction is lifted.
When processing data for scientific, historical or statistical research purposes:
Your right to restriction of processing may be limited to the extent that the achievement of the research or statistical purposes can be made impossible or seriously impaired and the restriction is necessary for the fulfillment of the research or statistical purposes.
4. Right to deletion
a) Obligation to delete
You can request that the person responsible delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
(2) You revoke your consent on which the processing was based in accordance with Art. 6(1)(a) or Art. 9(2)(a) GDPR and there is no other legal basis for the processing.
(3) You object to the processing in accordance with Art. 21(1) GDPR and there are no overriding legitimate reasons for the processing, or you object to the processing in accordance with Art. 21(2) GDPR.
(4) The personal data concerning you was processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) The personal data concerning you was collected in relation to information society services offered in accordance with Art. 8(1) GDPR.
b) Information to third parties
If the person responsible has made the personal data concerning you public and is obliged to delete it in accordance with Art. 17(1) GDPR, he will take appropriate measures, including technical ones, taking into account the available technology and the implementation costs, to ensure that the person responsible for data processing to inform those processing the personal data that you, as the data subject, have requested them to delete all links to that personal data or copies or replications of that personal data.
c) Exceptions
There is no right to deletion if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to comply with a legal obligation requiring processing under Union or Member State law to which the controller is subject, or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller became;
(3) for reasons of public interest in the area of public health in accordance with Article 9 Paragraph 2 Letters h and i and Article 9 Paragraph 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) GDPR, insofar as the law referred to in section a) is likely to make the achievement of the objectives of this processing impossible or seriously impair it, or
(5) to assert, exercise or defend legal claims.
5. Right to information
If you have asserted the right to rectification, deletion or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or deletion of the data or restriction of processing, unless: this turns out to be impossible or involves disproportionate effort.
You have the right to be informed about these recipients by the person responsible.
6. Right to data portability
You have the right to receive the personal data concerning you that you have provided to the person responsible in a structured, common and machine-readable format. You also have the right to transmit this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided that
(1) the processing is based on consent in accordance with Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR or on a contract in accordance with Article 6 (1) (b) GDPR and
(2) the processing takes place using automated procedures.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, to the extent that this is technically feasible. The freedoms and rights of other people must not be impaired by this.
The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object at any time to the processing of your personal data for reasons arising from your particular situation, which is carried out on the basis of Article 6 (1) (e) or (f) of the GDPR; This also applies to profiling based on these regulations.
The person responsible will no longer process the personal data concerning you unless compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims can be demonstrated.
.
If your personal data is processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; This also applies to profiling as long as it is connected to such direct advertising.
If you object to processing for direct advertising purposes, your personal data will no longer be processed for these purposes.
In connection with the use of information society services - regardless of Directive 2002/58/EC - you have the opportunity to exercise your right to object using automated procedures that use technical specifications.
When processing data for scientific, historical or statistical research purposes:
You also have the right to object to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1) GDPR for reasons arising from your particular situation.
Your right to object can be limited to the extent that it is likely to make the realization of the research or statistical purposes impossible or seriously impair it and the restriction is necessary for the fulfillment of the research or statistical purposes.
8. Right to revoke the declaration of consent under data protection law
You have the right to revoke your data protection declaration of consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.
9. Automated decision-making in individual cases including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
(1) is necessary for the conclusion or fulfillment of a contract between you and the person responsible,
(2) is permitted by Union or Member State law to which the controller is subject and such law contains appropriate measures to safeguard your rights and freedoms and your legitimate interests or
(3) takes place with your expressed consent.
However, these decisions may not be based on special categories of personal data according to Art. 9(1) GDPR, unless Art. 9(2) Letters a or g GDPR apply and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests.
With regard to the cases mentioned in (1) and (3), the person responsible shall take appropriate measures to protect the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the person responsible, to express one's own point of view and heard to challenge the decision.
10. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you are of the opinion that the processing of personal data concerning you violates the GDPR.
The supervisory authority to which the complaint was submitted will inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy in accordance with Art. 78 GDPR
North Data GmbH - Hamburg, 13.11.2023